The CI/CD and DevOps Blog

Docker images that comprise a production application are often deployed to private repositories in Docker registries. Kubernetes provides a feature calledimagePullSecrets that allows pods to pull private docker images. In this blog, we demonstrate how you can easily hookup imagePullSecrets to your podusing Shippable.

imagePullSecrets is a type of a Kubernete Secret whose sole purpose is to pull private images from a Docker registry. It allows you to specify the Url of the docker registry, credentials for logging in and the image name of your private docker image.

Applications deployed to a Kubernetes cluster often need access to sensitive information such as credentials to access a database and authentication tokens to make authenticated API calls to services. Kubernetes allows you to specify such sensitive information cleanly in an object called a Secret. This avoids putting sensitive data in a Pod defintion or a docker image. In this blog, we demonstrate how you can easily hookup Kubernetes Secrets to your podusing Shippable.

Creating a Kubernetes Secret

Secrets are defined in a yml file in a Secret object. A Secret object can specifiy multiple secrets in name-value pairs. Each secret has to be base64 encoded before specifying it in the yml.

Kubernetes allows you to package multiple containers into a pod. All containers in the pod run on the same Node, share the IP address and port space, and can find each other vialocalhost. To share data between pods, Kubernetes has an abstraction called Volumes. In this blog, we demonstrate how you can easily hookup Kubernetes Volumnes to your pod and define the containers in the pod using Shippable.

Kuberetes Volumes

A Volume is a directory with data that is accessible to all containers running in a pod and gets mounted into each containers filesystem. Its lifetime is identical to the lifetime of the pod. Decoupling the volume lifetime from the container lifetime allows the volume to persist across container crashes and restarts. Volumes further can be backed by host's filesystem, by persistent block storage volumes such as AWS EBS or a distributed file system. The complete list of the different types of volumes that Kubernetes supports can be found here.

Shippable supports mounting all the types of volumes that Kubernetes supports via the dockerOptions resource. However, the specific volume type that we demonstrate in this blog is a gitRepo volume. A gitRepo volume mounts a directory into each containers filesystem and clones a git repository into it.

When appropriate tools & technology are available in abundance, automation is considered the primary resource to improve the efficiency of any software development process. Faster innovation cycles and speed to market are crucial to a business. With the very same principle in mind Shippable was founded so that software powered organizations could accelerate innovation. Shippable provides an integrated platform, using which you can automate your software delivery from source control to production, without needing to write complex, imperative code.

In this tutorial we will learn how to create an end to end deployment for a single service, with source code maintained in a repository on github. We will also see how to trigger tests every time the deployed environment is updated or your test cases are updated.

A Docker image registry service makes it easy for developers to store, manage, distribute and deploy Docker images. Use a registry service to control the storing of your images, fully own your images distribution pipeline and integrate image storage and distribution tightly into your in-house development work flow.

This blog covers "Pushing a Docker image to a registry of your choice" scenario in the Docker in Continuous Integration (CI) series. We'll go over a simple example and look at advanced scenarios of using Docker images within CI and Continuous Delivery (CD) Pipelines.